Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-09-11 15:52	fasfqwrqweqw.exe 7278b6ce3ddda7dba2473e0392e54ea6 RedLine stealer UPX AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5		11.4	M	53	ZeroCERT

2	2023-08-26 21:42	fasfqwrqweqw.exe 7278b6ce3ddda7dba2473e0392e54ea6 RedLine stealer UPX AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Microsoft suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	5		11.4		48	ZeroCERT

3	2021-10-27 14:47	GOMAUDIOKORSETUP_NEW.EXE 9f869aecfc2c65dc3a0c170ebcd4d429 Gen2 RAT Formbook Gen1 PWS .NET framework Emotet Eredel Stealer Extended njRAT backdoor North Korea NPKI Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer ASPack Antivirus Anti_VM Socket Escalate priviledges ScreenSh VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion anti-virtualization VM Disk Size Check Tofsee Windows Browser Advertising ComputerName Firmware crashed keylogger	59 Keyword trend analysis Info http://r6726306.iavs9x.u.avast.com/iavs9x/avdump_x64_ais-997.vpx http://r3802239.iavs9x.u.avast.com/iavs9x/part-prg_ais-15020997.vpx http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl http://g1928587.vps18tiny.u.avcdn.net/vps18tiny/part-vps_windows-21102505.vpx http://r6726306.iavs9x.u.avast.com/iavs9x/offertool_x64_ais-997.vpx http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl http://img.gomlab.com/img/gomproduct/setup/gomaudio_header.png http://r6726306.iavs9x.u.avast.com/iavs9x/instcont_x64_ais-997.vpx http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl http://www.google-analytics.com/collect?aiid=mmm_gom_ppi_003_434_m&an=Free&av=21.8.6586&cd=stub-extended&cd3=Online&cid=f67aa09e-bd89-4ed5-8e92-1707c1a27e97&dt=Installation&t=screenview&tid=UA-58120669-3&v=1 http://playinfo.gomlab.com/cms/bundle/log.gom?log=avast,KR,KR,175.208.134.150&mode=new&type=show http://img.gomlab.com/js/web/jquery-1.8.x.js?20170228 http://playinfo.gomlab.com/cms/bundle/log.gom?log=avast,KR,KR,175.208.134.150&mode=new&type=AcceptClicked http://r6726306.iavs9x.u.avast.com/iavs9x/sbr_x64_ais-997.vpx http://r6726306.iavs9x.u.avast.com/iavs9x/avbugreport_x64_ais-997.vpx http://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl http://r6726306.iavs9x.u.avast.com/iavs9x/instup_x64_ais-997.vpx http://g1928587.vps18tiny.u.avcdn.net/vps18tiny/part-jrog2-41.vpx http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_dirpage&prd=audio&type=check¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://playinfo.gomlab.com/setup_v2/index.gom?setup=audio&name=GOMAUDIOKORSETUP_NEW&bit=32&lang=kor&version=2.2.27.0&checkdate=202104151505 http://r6726306.iavs9x.u.avast.com/iavs9x/setgui_x64_ais-997.vpx http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl http://playinfo.gomlab.com/setup_v2/bundle.gom?bundle=avast&resource=true&country=KR&setup=audio http://log.gomlab.com/audio/install?build=new_kor&fpb=&version=2.2.27.0&os=windows764bit&lang=kor&bit=32bit&guid=9604e1a277cf0c84fd663ec04db3d3fb&browser=ie http://r6726306.iavs9x.u.avast.com/iavs9x/part-setup_ais-15020997.vpx http://r6726306.iavs9x.u.avast.com/iavs9x/servers.def.vpx http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_dirpage&prd=audio&type=view¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://playinfo.gomlab.com/cms/bundle/log.gom?log=avast,KR,KR,175.208.134.150&mode=new&type=check http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl http://r6726306.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx http://r3802239.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_finish&prd=audio&type=check¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://r6726306.iavs9x.u.avast.com/iavs9x/avdump_x86_ais-997.vpx http://g1928587.vps18tiny.u.avcdn.net/vps18tiny/prod-vps.vpx http://ncube.gomtv.com/gom/Promotion.ini http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomaudio&type=set¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=zum_dirpage&prd=audio&type=set¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://go.microsoft.com/fwlink/?linkid=2088631 http://playinfo.gomlab.com/setup_v2/bundle.gom?bundle=clipdown&resource=true&country=KR&setup=audio http://estat-thirdparty.zum.com/at.gif?data=eyAiZXZlbnQiOiAiQENvbnNlbnQiLCAicHJvcGVydGllcyI6IHsgInNvZnR3YXJlIjogIkdvbUF1ZGlvIiwgImNoZWNrYm94Q2xpY2siOiAidHJ1ZSIsICJjaGVja1N0ZXAiOiAyLCAidGltZSI6IDE2MzUzNDkzNDAgfSB9&time=1635349340621 http://img.gomlab.com/css/gomproduct/setup.css?20170228 http://iavs9x.u.avast.com/iavs9x/avast_free_antivirus_setup_online_x64.exe http://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/8494001c276a4b96804cde7829c04d7f/ndp48-x86-x64-allos-enu.exe http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomaudio&type=view¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://ana.gomtv.com/cgi-bin/prdpromo.cgi?promo=clipdown&prd=gomaudio&type=check¶m=KOR,2.2.27.0&agent=GomAudio_Setup&ukey=7446 http://playinfo.gomlab.com/cms/bundle/log.gom?log=avast,KR,KR,175.208.134.150&mode=new&type=installed http://www.google-analytics.com/collect https://cdn.gomlab.com/gretech/GOMSetupV2/Bundle/clipdown/img/banner.png https://alpha-license-dealer.ff.avast.com/common/v1/device/unattendedtrial https://cdn.gomlab.com/gretech/GOMSetupV2/Bundle/avast/img/cma-2706_498x200-kr.png https://cdn2.gomlab.com/gretech/GOMSetupV2/ruledef.ini https://shepherd.ff.avast.com/ https://bits.avcdn.net/platform_WIN/productfamily_ANTIVIRUS/cookie_mmm_gom_ppi_003_434_m/avast_free_antivirus_setup_online.exe https://cdn.gomlab.com/gretech/promotion_sw/clidpdownsetup.exe https://cdn.gomlab.com/gretech/GOMSetupV2/Bundle/finish_kor/img/promotion.bmp https://cdn.gomlab.com/gretech/GOMSetupV2/Bundle/flash_kor/img/promotion.png https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi	52 Info log.gomlab.com(34.202.213.193) ana.gomtv.com(183.110.10.189) z4055813.iavs9x.u.avast.com(23.43.165.50) p9854759.iavs9x.u.avast.com(23.43.165.50) cdn.gomlab.com(14.0.114.117) bits.avcdn.net(23.40.45.32) shepherd.ff.avast.com(69.94.69.113) r4427608.vps18tiny.u.avcdn.net(23.43.165.59) r0965026.vps18tiny.u.avcdn.net(23.43.165.59) c3978047.iavs9x.u.avast.com(23.43.165.50) h4444966.vps18tiny.u.avcdn.net(23.43.165.59) y8002308.iavs9x.u.avast.com(23.43.165.50) s-iavs9x.avcdn.net(23.40.45.32) l7814800.iavs9x.u.avast.com(23.43.165.75) s-vps18tiny.avcdn.net(23.40.45.32) m0658849.iavs9x.u.avast.com(23.43.165.75) iavs9x.u.avast.com(23.43.165.50) r3802239.iavs9x.u.avast.com(23.43.165.50) ncube.gomtv.com(183.110.10.192) h4444966.iavs9x.u.avast.com(23.43.165.75) g1928587.vps18tiny.u.avcdn.net(23.43.165.59) www.google-analytics.com(172.217.31.142) alpha-license-dealer.ff.avast.com(69.94.69.205) l4691727.iavs9x.u.avast.com(23.43.165.50) r6726306.iavs9x.u.avast.com(23.43.165.50) www.microsoft.com(104.109.241.178) v7event.stats.avast.com(69.94.68.209) img.gomlab.com(54.192.70.16) download.visualstudio.microsoft.com(192.229.232.200) cdn2.gomlab.com(14.0.114.116) playinfo.gomlab.com(13.224.42.10) n4291289.vps18tiny.u.avcdn.net(23.43.165.59) estat-thirdparty.zum.com(112.175.191.56) 112.175.191.56 183.110.10.192 23.43.165.75 77.234.46.23 23.53.224.176 99.84.224.136 96.7.251.224 34.202.213.193 183.110.10.189 142.250.199.78 5.62.53.239 14.0.114.116 99.86.207.102 23.43.165.50 5.62.40.201 23.201.37.168 5.62.38.16 23.43.165.59 192.229.232.200	4		18.4		7	guest

First
1
Last
Total : 3cnts